package com.example.dao;

import com.example.util.DBConnection;

import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

public class AdminDao {
    DBConnection DBConn = new DBConnection();
    public boolean CheckLogin(String S1, String S2) throws SQLException {
        //DBConn对象代表了MYSQL数据库的连接

        Connection conn = DBConn.getConn();
        Statement stmt =conn.createStatement();
        ResultSet rs = null;
        boolean OK = true;
        //todo 密码加密 账户密码过滤
        String sql = "SELECT * FROM admin WHERE " +
                "AdminName = '"+S1+"' AND AdminPwd = '"+S2+"'";
        rs = stmt.executeQuery(sql);//执行sql语句
        if (!rs.next()){
            OK = false;
        }
        return OK;
    }
}
